By Staff Writer
Ten Australian cybersecurity start-ups strutted their stuff on Wednesday in an Australian Cyber Week event that turned into a showcase of talent, innovation, and how to apply tech smarts to real-world problems.
The ten companies pitched their products before a panel of cybersecurity experts, including chief information security officers from top tier Australian firms.
“The thing that struck me is there’s not one similar product. There was different content in each,” said US eco-system development lead and chief operating officer at AustCyber, Michelle Mosey.
“It shows you the absolute capability that is resident in Australia and the diversity that we’ve got.”
Many of the participating firms are regulars on the pitch circuit and had a finely tuned patter. Others were newer to the scene. While there was little overlap in products or services pitched, the panel uniformly applauded the way markets were cleverly targeted by the start-ups.
The cybersecurity products and services pitched also addressed needs that are currently unmet or promise to shake up the way existing products or services currently get delivered.
Andrew Eddy is a co-founder of Untapped. He described Untapped as a social enterprise focused on developing a neurodiverse employment ecosystem to increase opportunities for autistic individuals.
“We work with organisations to implement autism at work programs,” Mr Eddy told the panellists. “There is a significant deficiency in cybersecurity talent to meet current and future needs – an important and well-known problem.
“What is probably not as well known is that some autistic individuals possess traits that line up well with a skilled cybersecurity analyst.
“Our solution is to develop an autistic cybersecurity talent pool. We have created the Genius Armory platform that delivers the talent pool and are attracting individuals that may not have previously considered cybersecurity as a place to work in.”
Genius Armory teaches individuals and organisations to embed neurodiversity as a competitive advantage. It has obvious social benefits – getting sometimes hard to employ people into work – but it is a two-way street.
Andrew Eddy argues the way many autistic people think makes them a natural fit for the cybersecurity industry. He says intelligent organisations will harness this, and Eddy says Untapped is the vehicle for doing so.
Another participant who captured the panellists’ attention was Susie Jones, co-founder and CEO of Cynch. This Melbourne-based start-up manages a firm’s cyber fitness, including helping them manage cyber risks along their supply chains.
James Turner, managing director at CISO Lens, called the ability to manage cyber risk along a supply chain “amazing.”
“Helping an enterprise by looking at its supply chain is incredible,” he said.
Jones says there is increasing regulatory pressure on larger businesses to actively manage cyber risks along their supply chain, especially for larger enterprises that include smaller businesses in their supply chains.
“The problem is growing at an alarming pace, and automating the distribution of security questionnaires simply doesn’t cut the mustard,” she told the panellists. “Cyber fitness for small business owners rather than assurance is a solution,”
Cynch’s platform simplifies cybersecurity for small and medium businesses. It allows small businesses to demonstrate their cyber maturity against standards such as the Essential Eight, ISO 27001, and against bespoke cyber security questionnaires big companies and governments need completed before doing business with the smaller enterprise.
“We give clients consistent visibility of the cyber posture of their aggregate supply chain risks that was previously impossible to apply to any small business suppliers.”
Demonstrating the diversity of pitches on Wednesday, DroneSec Mike Monnik also gave a presentation about his firm’s drone security platform that ensures safe and secure drone operations.
Dronsec came about because its founders saw how easy it was for commercial drone operations to be hacked. They describe drones as “hovering laptops” that are susceptible to vulnerabilities.
Monnik says CISOs face critical risks with drone operations, including capturing information, weaponizing captured drones, ransoms or disruptions due to vulnerabilities, and a lack of tooling to assist cybersecurity teams monitoring or defending drone assets.
“With this in mind, we have brought to market a drone security platform. We merge cybersecurity threat intelligence and guiding principles into a centralised offering, which provides a turnkey solution to managing security,” he said.
“You’ve spotted a niche, and you’re absolutely going for it,” said James Turner. “You’ve found a specific area that’s got a problem.”
Monnik says he’s not about forcing drone operators to get drone security. Instead, he wants to enable it. He estimates the drone market will be worth $500 billion by 2028. Dronsec estimates 2.2% of that market will need drone security, an $11 billion market Mike Monnik wants a slice of.
The final pitch on Wednesday came from Devicie’s Martin McGregor. Devicie is tapping into the work from home trend and the headaches it causes businesses trying to manage employee devices and their security.
Devicie automates the customisation, configuration and deployment of an organisation’s devices, including building best practice cybersecurity measures into their packages.
McGregor told panellists the work from home trend had created substantial cybercrime risks for organisations, with over 80% of ransomware phishing campaigns targeting end-users like work from home employees.
“Basic device management security tasks just don’t get done, even in mature organisations,” he says.
“Devicie brings organisations to what’s called the future state, which means that employees have to log on to a new Windows, iOS, Android or iOS device, and Devicie sets up everything they need over the time.
“And even if they lose the device, they just simply have to replace it, and Devicie will set up all their applications, settings, files, and access ready to go, then behind the scenes, Devicie is continuing the layer upon layer of mature auditable security.”
Panellists agreed the calibre of pitches demonstrated the depth and diversity of cybersecurity talent in Australia. Amid concerns about a lack of pathways into cybersecurity and a brain drain overseas, the Australian Cyber Week pitch event showed there is plenty of on-ground cybersecurity talent in Australia.
“I was blown away,” said AustCyber’s Michelle Mosey after the ten presentations.
AustCyber is providing that platform of effective communication at its Australian Cyber Week 2021 event.
MySecurity Media is an official partner of the virtual conference to be held between 25-29 October.
